How to Cluster the SCOM 2007 R2 RMS Role into an existing SQL 2008 R2 Cluster
- Install Windows Server 2008 R2 Enterprise onto two nodes
- Add at least 2 NIC’s to each node
- Configure NIC 1 with a local IP subnet for the domain to be used for Management
- Configure NIC 2 with an IP for your ISCSI / Fiber subnet
- Present the ISCSI or Fibre Channel storage LUN and Quorum to each node (i.e. 1 x StorageLUN, 1 x Quorum)
- Install Windows Failover Clustering on each node
Service Account Preparation:
Create the 5 SCOM user accounts in Active Directory following the guide below:
To prepare accounts and groups in Active Directory:
· In Active Directory Users and Computers, create five accounts: the Management Server Action account, the SDK and Configuration Service account, the Data Reader account, the Data Warehouse Write Action account, and an Operations Manager Administrator account. These can all be domain user accounts. No special privileges are required at the domain level. Try to stick to the same naming convention for each new installation of SCOM using similar account to these: (If you have a domain password expiration Group Policy in place and you do not want to change these service account passwords on the same schedule, select Password never expires for the individual accounts.)
Use similar to: srv_scomadmin_group (SCOM Administration Security Group)
|
To prepare accounts and groups on the Operations Manager server:
- On the server that you are going to install Operations Manager on, log on with an account that has local administrator rights.
- In the Computer Management tool, under Local Users and Groups, open the Administrators group and add the Operations Manager Administrators Global Security group that you created in step 2 of "To prepare accounts and groups in Active Directory." Also add the accounts that you created to use as the Management Server Action account, the SDK and Config account, the Data Reader account, and the Data Warehouse Write Action account.
To configure the SDK Service Account to create SPNs dynamically, follow these steps:
1. Click Start, click Run, type Adsiedit.msc, and then click OK.
2. In the ADSI Edit snap-in, expand Domain [DomainName], expand DC= RootDomainName, expand CN=Users, right-click CN= AccountName, and then click Properties.
Notes
- DomainName is a placeholder for the name of the domain.
- RootDomainName is a placeholder for the name of the root domain.
- AccountName is a placeholder for the account that you specify to start the SDK service.
- If you specify the Local System account to start the SDK service, AccountName is a placeholder for the account that you use to log on to Microsoft Windows.
- If you specify a domain user account to start the SDK Service, AccountName is a placeholder for the domain user account.
3. In the CN= AccountName Properties dialog box, click the Security tab.
4. On the Security tab, click Advanced.
5. In the Advanced Security Settings dialog box, make sure that SELF is listed under Permission entries.
(If SELF is not listed, click Add, and then add SELF. )
6. Under Permission entries, click SELF, and then click Edit.
7. In the Permission Entry dialog box, click the Properties tab.
8. On the Properties tab, click This object only in the Apply onto list, and then make sure that the check boxes for the following permissions are selected under Permissions:
- Read servicePrincipalName
- Write servicePrincipalName
9. Click OK three times, and then exit the ADSI Edit snap-in.
That completes Part 2 of this blog series on Clustering the SCOM 2007 R2 RMS Role on a Microsoft SQL 2008 R2 Cluster. In Part 3 we will discuss how to manually create the SQL 2008 R2 databases SCOM requires using the 'DBCreateWizard' utility.
No comments:
Post a Comment